How NSO secretly transmitted malicious code to infect phones with spyware

WhatsApp on Tuesday sued Israeli technology firm NSO group for allegedly targeting "human rights defenders and journalists" as part of a concentrated cyber espionage campaign.

Following are the excerpts from the blog written by Will Cathcart, the head of Whatsapp, describing how the NSO hacked and targeted Whatsapp users.   
 

"In May, WhatsApp announced that we had detected and blocked a new kind of cyberattack involving a vulnerability in our video-calling feature," informed Cathcart. 

"A user would receive what appeared to be a video call, but this was not a normal call. After the phone rang, the attacker secretly transmitted malicious code in an effort to infect the victim’s phone with spyware. The person did not even have to answer the call." said Cathcart. 

Cathcart confirmed that after months of investigation, WhatsApp lodged a complaint with the federal court attributing the violation to Israeli NSO Group. 

"We learned that the attackers used servers and Internet-hosting services that were previously associated with NSO. In addition, as our complaint notes, we have tied certain WhatsApp accounts used during the attacks back to NSO. While their attack was highly sophisticated, their attempts to cover their tracks were not entirely successful", the head stated with confidence. 

Founded in 2010 by Israelis Shalev Hulio and Omri Lavie, NSO is based in the Israeli seaside hi-tech hub of Herzliya, near Tel Aviv.

Acoording to Cathcart, NSO Group "targeted at least 100 human-rights defenders, journalists and other members of civil society across the world."

Cathcart urged technology companies, governments and all internet users that this incident should serve as a wake up call. 

"Tools that enable surveillance into our private lives are being abused, and the proliferation of this technology into the hands of irresponsible companies and governments puts us all at risk," warned Cathcart. 
 

WhatsApp

"NSO has previously denied any involvement in the attack, stating that “under no circumstances would NSO be involved in the operating … of its technology. But our investigation found otherwise'', Cathcart said.